//package com.sztz.config;
//
//import com.sztz.filter.LoginAuthenticationFilter;
//import com.sztz.filter.TokenAuthenticationFilter;
//import com.sztz.handle.MyAccessDeniedHandler;
//import com.sztz.handle.MyAuthenticationFailureHandler;
//import com.sztz.handle.MyAuthenticationSuccessHandler;
//import com.sztz.handle.MyUnAuthenticationEntryPoint;
//import com.sztz.service.impl.MyUserDetailServiceImpl;
//import org.springframework.beans.factory.annotation.Autowired;
//import org.springframework.context.annotation.Bean;
//import org.springframework.context.annotation.Configuration;
//import org.springframework.security.authentication.AuthenticationManager;
//import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
//import org.springframework.security.config.annotation.web.builders.HttpSecurity;
//import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
//import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
//import org.springframework.security.config.http.SessionCreationPolicy;
//import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
//import org.springframework.security.crypto.password.PasswordEncoder;
//import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
//
///**
// * Spring Security配置
// * @author yzy
// * @date 2022/12/13 13:38
// */
//@Configuration
//@EnableWebSecurity
//public class SecurityConfig extends WebSecurityConfigurerAdapter {
//
//    /**
//     * 认证成功处理器
//     */
//    private final MyAuthenticationSuccessHandler myAuthenticationSuccessHandler;
//    /**
//     * 认证失败处理器
//     */
//    private final MyAuthenticationFailureHandler myAuthenticationFailureHandler;
//    /**
//     * 用户服务
//     */
//    private final MyUserDetailServiceImpl myUserDetailService;
//
//    @Autowired
//    public SecurityConfig(MyAuthenticationSuccessHandler myAuthenticationSuccessHandler,MyAuthenticationFailureHandler myAuthenticationFailureHandler,MyUserDetailServiceImpl myUserDetailService){
//        this.myAuthenticationSuccessHandler = myAuthenticationSuccessHandler;
//        this.myAuthenticationFailureHandler = myAuthenticationFailureHandler;
//        this.myUserDetailService = myUserDetailService;
//    }
//    @Override
//    protected void configure(HttpSecurity http) throws Exception {
//        http.csrf().disable()//禁止跨站csrf攻击防御，
//                .formLogin().disable()//前后端分离不需要表单登录，要禁用
//                //配置资源的访问规则
//                .authorizeRequests()
//                //配置直接放行的资源，不需要登录认证与角色权限控制
//                .antMatchers("/login","/toLogin","/user/*").permitAll()
//                //指定资源配置user角色与admin角色访问权限,角色默认都是大写ROLE_开头的
//                .mvcMatchers("/hello/test").hasAnyAuthority("ROLE_user","ROLE_vip")
//                //另一种角色权限的资源配置方式, hasAnyRole会自动加上ROLE_
//                .mvcMatchers("/hello/test1").hasAnyRole("admin")
//                //除了上面的规则，其它的资源都需要登录认证通过后才能访问
//                .anyRequest().authenticated();
//
//        //未授权的自定义处理方式
//        http.exceptionHandling().authenticationEntryPoint(new MyUnAuthenticationEntryPoint())
//                //权限不足时的自定义处理方式
//                .accessDeniedHandler(new MyAccessDeniedHandler());
//
//        //开启记住我功能
//        http.rememberMe().rememberMeParameter("remember");
//        //注销请求配置， 默认为 /logout
//        http.logout().clearAuthentication(Boolean.TRUE);
//
//        //将这个过滤器添加到UsernamePasswordAuthenticationFilter之前执行
//        http.addFilterBefore(authenticationLoginFilterBean(), UsernamePasswordAuthenticationFilter.class);
//        //配置自定义jwt权限认证过滤器
//        http.addFilterBefore(new TokenAuthenticationFilter(myUserDetailService),UsernamePasswordAuthenticationFilter.class);
//        //禁用session，前后端分离用不到
//        http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
//    }
//
//    /**
//     * 配置自定义登录认证过滤器
//     */
//    @Bean
//    public LoginAuthenticationFilter authenticationLoginFilterBean() throws Exception {
//        //用自定义户登录认证过滤器
//        LoginAuthenticationFilter filter = new LoginAuthenticationFilter();
//        //自定义认证成功处理器
//        filter.setAuthenticationSuccessHandler(myAuthenticationSuccessHandler);
//        //自定义认证失败处理器
//        filter.setAuthenticationFailureHandler(myAuthenticationFailureHandler);
//        //需要设置AuthenticationManager
//        filter.setAuthenticationManager(authenticationManagerBean());
//        return filter;
//    }
//
//    @Bean
//    @Override
//    public AuthenticationManager authenticationManagerBean() throws Exception {
//        return super.authenticationManagerBean();
//    }
//    @Override
//    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
//        auth.userDetailsService(myUserDetailService).passwordEncoder(passwordEncoder());
//    }
//
//    /**
//     * 密码解析器，可以自定义
//     * @return org.springframework.security.crypto.password.PasswordEncoder
//     * @author yzy
//     * @date 2023/3/15 10:03
//     */
//    @Bean
//    public PasswordEncoder passwordEncoder(){
//        return new BCryptPasswordEncoder();
//    }
//}
